Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/mJUtA8zbV0OKjy5ahcMhwzKD0tU.roa
File: mJUtA8zbV0OKjy5ahcMhwzKD0tU.roa (raw, json)
Hash identifier: kMiR8jKtloF1qZ6dQrKS9jOQiOOFEvGt2IDY1gU2NUg=
Subject key identifier: 98:95:2D:03:CC:DB:57:43:8A:8F:2E:5A:85:C3:21:C3:32:83:D2:D5
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190B5A78A29A47CE131D3AFF95AACC8B87F
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/mJUtA8zbV0OKjy5ahcMhwzKD0tU.roa
Signing time: Mon 15 Jul 2024 09:09:34 +0000
ROA not before: Mon 15 Jul 2024 09:09:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:b5:a7:8a:29:a4:7c:e1:31:d3:af:f9:5a:ac:c8:b8:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 15 09:09:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=98952d03ccdb57438a8f2e5a85c321c33283d2d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:d2:db:e4:37:00:27:4e:60:0c:64:a1:c6:a6:
c2:89:d1:a1:44:92:fe:50:39:5e:40:23:a8:34:9d:
de:11:4b:3b:d6:ff:a5:01:dd:fd:11:be:f9:c0:c2:
1c:78:89:90:21:c2:f4:71:fc:7d:7f:ac:c6:a7:61:
06:22:1e:cb:36:c4:2d:bd:22:66:5a:51:73:d2:c7:
21:b5:6d:c2:54:0c:d9:70:ea:a9:aa:df:1d:cc:09:
af:66:59:f6:f0:c8:3a:59:85:1d:d1:0f:70:4a:5c:
af:c7:6f:4f:3f:bc:a5:76:da:35:a9:13:1a:40:a1:
31:6c:8a:db:3b:c4:74:65:7f:a0:2a:1f:ac:58:48:
50:69:cd:0d:bb:43:aa:61:d6:07:51:9d:5a:4c:63:
23:c8:cc:1c:cf:7b:ef:e1:a5:28:a1:96:e3:84:09:
a8:b5:89:b5:bb:d5:36:1d:31:c4:ff:d9:04:66:d2:
20:c6:a9:dc:02:c4:36:14:4b:c4:85:34:b1:f3:94:
e6:ae:34:88:85:d8:d3:25:ed:c5:f5:34:d8:8c:15:
2f:15:f5:d9:60:12:11:b2:0a:02:ac:14:e9:da:20:
bc:80:37:9e:42:0c:5a:50:f7:39:fd:6d:d1:44:83:
52:22:67:3a:54:67:20:43:75:0c:94:d6:eb:db:f3:
bf:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:95:2D:03:CC:DB:57:43:8A:8F:2E:5A:85:C3:21:C3:32:83:D2:D5
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/mJUtA8zbV0OKjy5ahcMhwzKD0tU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0d:9d:0d:e1:7f:4c:55:d6:84:00:15:26:5b:e5:da:db:75:17:
6a:70:ff:23:5a:60:f8:53:e0:a7:ec:0f:1e:09:e7:c7:23:d0:
7b:60:61:72:38:b3:2c:71:48:35:8b:81:01:2f:2f:2f:be:d2:
86:48:e6:68:05:bd:96:65:8d:e1:d5:3f:d1:ac:54:30:0e:1d:
53:85:b0:f3:6c:c3:02:f5:56:1e:e6:22:9a:81:1d:95:35:64:
89:1c:ed:76:12:9c:ae:4a:af:71:8f:f3:fc:4c:2e:52:20:e8:
e0:2a:8d:de:d3:6f:4f:d4:f3:ca:a4:7a:16:7d:10:bc:c8:2a:
e7:e2:7a:9d:11:41:9b:7e:5d:30:fe:e8:4a:2f:16:94:71:fa:
6c:76:e7:b2:c3:17:d5:71:9f:35:c6:a5:d2:58:b5:9b:9b:07:
18:98:58:ca:46:2b:32:e2:9e:5a:d4:24:1d:5a:68:73:b5:39:
64:fe:1b:f6:63:5d:4c:5a:18:9a:58:a6:55:bd:33:d5:2e:60:
35:9c:fa:98:9a:7c:f5:e5:bb:ca:13:a3:6e:5a:02:9d:49:4b:
5f:63:49:e8:e2:4f:07:de:ae:62:c3:90:2f:83:f2:eb:d1:77:
48:c7:84:9e:c0:0e:5e:e5:1d:30:3a:41:78:50:78:b0:44:74:
e2:30:d6:f9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZC1p4oppHzhMdOv+VqsyLh/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzE1MDkwOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODk1MmQwM2NjZGI1NzQzOGE4ZjJlNWE4NWMzMjFjMzMyODNkMmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvtLb5DcAJ05gDGShxqbCidGhRJL+
UDleQCOoNJ3eEUs71v+lAd39Eb75wMIceImQIcL0cfx9f6zGp2EGIh7LNsQtvSJm
WlFz0schtW3CVAzZcOqpqt8dzAmvZln28Mg6WYUd0Q9wSlyvx29PP7yldto1qRMa
QKExbIrbO8R0ZX+gKh+sWEhQac0Nu0OqYdYHUZ1aTGMjyMwcz3vv4aUooZbjhAmo
tYm1u9U2HTHE/9kEZtIgxqncAsQ2FEvEhTSx85TmrjSIhdjTJe3F9TTYjBUvFfXZ
YBIRsgoCrBTp2iC8gDeeQgxaUPc5/W3RRINSImc6VGcgQ3UMlNbr2/O/PQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJiVLQPM21dDio8uWoXDIcMyg9LVMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvbUpVdEE4emJWME9Lank1YWhjTWh3ektEMHRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAA2dDeF/TFXWhAAVJlvl
2tt1F2pw/yNaYPhT4KfsDx4J58cj0HtgYXI4syxxSDWLgQEvLy++0oZI5mgFvZZl
jeHVP9GsVDAOHVOFsPNswwL1Vh7mIpqBHZU1ZIkc7XYSnK5Kr3GP8/xMLlIg6OAq
jd7Tb0/U88qkehZ9ELzIKufiep0RQZt+XTD+6EovFpRx+mx257LDF9VxnzXGpdJY
tZubBxiYWMpGKzLinlrUJB1aaHO1OWT+G/ZjXUxaGJpYplW9M9UuYDWc+piafPXl
u8oTo25aAp1JS19jSejiTwfermLDkC+D8uvRd0jHhJ7ADl7lHTA6QXhQeLBEdOIw
1vk=
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:33:16 2025 by rpki-client